Private, Secure, Safe Email

If Your Email is not safe, nothing else is

Secure Messaging

Gone are the days of storing and maintaining piles of files in a cabinet in a locked room. Now all the data is on the Internet; password protected yet vulnerable. Not only significant cyber threats like ransomware are the danger but anyone who wants to harm you can hack your system and can leak your data. How? Because the Internet is that fragile.

Would you like to see your years of hard work turn into dust or would you switch to a platform where everything is secured?

What Is Private Email?

In an ideal world, private email world should not exist because email is supposed to be closed, but the reality is we don’t live in a perfect world. Many professionals who use popular free webmail programs like YahooMail, Gmail, AOL, or Office360, have the illusion that their emails are private. All of the free versions of these services generate advertising revenue by reading your personal and business mail and serving ads that are tailored to the content of your private email. The crude reality is, every word you write is getting monitored that’s why you see personalised ads as per the content of your private email. A real private email is where absolutely no one nor human nor robot can look at your email but the receiver. Email that is end to end encrypted.

Your businesses’ sensitive communications and intellectual property require and deserve privacy.

What Is Encrypted Email?
Encrypted email is email that is contained behind SSL encryption (Secure Socket Layer), and this is one of five layers of protection that makes our secure email secure.

To know what an encrypted email is, you should know what encryption is? Encryption is a process of converting data into a code to prevent any unauthorised access. For instance, if you send an email to someone that is not encrypted, anyone can read the content of the email. If your email is end to end encrypted, everyone except the sender and the receiver will see the content as xxxxxxxxx or @!*x&#.

We keep your email encrypted by using SSL (Secure Socket Layer), and this is one of the five layers of protections that we apply for email security.

What Is Secure Email?
Secure email is email that is not obtainable by any means of intrusion. More that just “encrypted”, secure email must be unobtainable in order for it to be secure in the true sense. Think of Fort Knox. Is the gold in a vault? It certainly is (this is encryption). Is the vault in a secure facility that is locked down to everyone but the help. Most certainly (this is secure). Is the facility located on an impregnable military base protected by M-16’s, Tanks, and the US Marine Corp? That’s Dooth.

We provide businesses with fortress level privacy and security for corporate messaging and collaboration.

What Is HIPAA Compliant Email?
Unprotected PHI is all around us. If Protected Health Information (PHI) is shared in an email environment like that is not private, it is at risk of HIPAA violation. HIPAA complaint email must have four attributes in order to comply:

Must I Have a BAA With My Email Vendor to be HIPAA Compliant?
If a email outside of your EHR’s Patient Portal references a patient in a way that the sender or receiver can tell the identity of the patient in reference, then yes, a BAA must be in place with your technology provider to be in HIPAA compliance.

Must HIPAA Compliant Email Be Able To Produce a Audit Report?
If email is used PHI is contained in any inbound or outbound email, then yes, your email client or email program must be able to produce the audit report required by HIPAA guidelines on email, messaging and texting.

2018 Top 10 Best Secure Private Email

1. Dooth

Dooth is a private Internet platform that extends the public Internet to offer secure and private email, instant messages, online calendars, online task managers, and file shares. Dooth are also developing a private wall-post, a private search engine, a private photo share, and many more features are in the making. Online activities on Dooth are private, protected with five levels of security:

  1. Encrypted Identity:

All your personal sign-up information is encrypted.

2) Encrypted Content and Storage:

All of your data are encrypted on top of encrypted storage

3) Encrypted Transmission:

All communication between your device and Dooth are encrypted.

4) You set your own “Crypt” key:

Third level user defined authentication; Create personalized “crypt” key to dual authenticate credentials to your account.

5) Recipient Authentication:

Sender defined recipient access key. No username and password or sign-up to access message.

   Most importantly, Dooth has no ability to read your information. Quite frankly, we are not interested; it is not our business to read and track it to make money! In fact, Dooth is exactly the opposite.  We want to give our users the privacy so no one can read and track it. Can the public Internet be just a ‘Dooth’ (a mere online messenger) and leave my messages alone? Unfortunately it cannot! The public Internet will continue to function as it works today because of how consumers pursue it, and online businesses that dominate public Internet commercialize it. The solution to this problem is not to change the public Internet, but rather to extend it with a private Internet to protect and safeguard personal and sensitive information and to keep it separate from our public Internet activities.

2. Protonmail

The founding team of Technologies AG (who met at CERN) created and launched ProtonMail on August 29, 2013 has grown into a global leader in online security. Today, they provide secure email to over one million users. In addition to headquarters in Geneva, Switzerland, they have support centers in San Francisco, CA, and Skopje, Macedonia. A global presence allows for 24/7 support and monitoring of mission critical applications for all customers.

3. CounterMail

 CounterMail retroactively eliminates the use of “cookies” as to minimize your “trace” on the web. They don’t store their clients information on any one server; instead opting to store bits of encrypted information on a system of them to protect against data leakage. Nor do the servers log any of the IP addresses of it’s clients.  With thee anonymous email header, the software removes the personal IP address from the header. Also, the attachments of your emails are stored in an encrypted form. None of your personal data or individual account data is ever shared to corporations or sold to advertising. All promised to be guarded by “strong open source algorithms.”

4. Gmail

When you use Google services, Google may collect and process information about your actual location. We use various technologies to determine location, including IP address, GPS, and other sensors that may, for example, provide Google with information on nearby devices, Wi-Fi access points and cell towers.

Companies use the information Gmail will collect from all of our services to provide, maintain, protect and improve them, to develop new ones, and to protect Google and our users. Gmail will also use this information to offer you tailored content – like giving you more relevant search results and ads.

People have different privacy concerns. Gmail’s goal is to be clear about what information they collect, so that you can make meaningful choices about how it is used. For example, you can: Review and update your Google activity controls to decide what types of data, such as videos you’ve watched on YouTube or past searches, you would like saved with your account when you use Google services. You can also visit these controls to manage whether certain activity is stored in a cookie or similar technology on your device when you use our services while signed-out of your account. Review and control certain types of information tied to your Google Account by using Google Dashboard. View and edit your preferences about the Google ads shown to you on Google and across the web, such as which categories might interest you, using Ads Settings. You can also visit that page to opt out of certain Google advertising services.

5. Office 365

Microsoft-managed service-level security technologies and policies are enabled by default, and customer-managed controls allow you to customize your Office 365 environment to fit your organization’s security needs. Office 365 is continuously updated to enhance security.

Data you put into Office 365 belongs to you, that means you have complete control of it. Office 365 gives you extensive privacy controls and visibility into where your data resides and who has access to it, as well as availability and changes to the subscription service. If you end your subscription, you can take your data with you at any time.

Office 365 offers you the ability to enable and enforce multi-factor authentication for end users. As  well as the use of their mobile app, phone call, and TXT message as secondary  authentication factors.

6. Mailfence

 Mailfence is a Belgian company, it cannot receive and has never received any US National Security Letters or FISA court orders. There are not any backdoors to be found in thier hardware or software. The starting package for Mailfence is the free plan. End-to-end encrypted code with a digital signature component and advanced key management for authentication of credentials. For further security the way their servers are set up, they don’t save any user data on any of the server hard drives. Then they add Perfect Forward Secrecy to protect your data from being compromised on the receiving end. There is a cellular add-on that lets you use their services for securing your text messages. In addition to everything else, Mailfence provides a web-browser function with thier HTTP Strict Transport Security algorithm that block your information from being read by anything other than the site your computer is talking to.

7. Tutanota

Tutanota offers an open webmail service that is very easy to use. Their design enables everybody to send secure messages. All the encryption is taken care of automatically in the background. Simply access your secure mailbox with your favorite web browser from any device. You can also use their mobile apps for Android and iOS. Your password easily unlocks your private key and your encrypted information on any device simply by logging in to your Tutanota account. Tutanota also lets you browse the web with relative safety from cookies and malware.

8. Lavabit

DIME is the platform that Lavabit operates off of. For Lavabit, DIME solves some security problems that they believe other companies let fall through their fingers. It’s the only automated, federated, encryption standard that works with different service providers while minimizing the leakage of metadata without a centralized authority.To support the DIME environment, they’ve created the Dark Mail Access Protocol—DMAP—and Dark Mail Transfer Protocol—DMTP—to replace IMAP. they’ve presented both protocols to the Internet Engineering Task Force for certification and adoption. DIME solves problems that plague legacy standards and combines the best of current technologies into a complete system. You get the greatest possible protection—and your email stays fast and easy to use. DIME lets you select the security level that meets your needs and matches your mindset: Trustful, Cautious, and Paranoid. The level you pick determines how your account operates, where encryption and decryption take place, where your private key is stored.

9. Protected Trust

Founded in 2003, Protected Trust began as an email hosting and cloud services company focused on helping governments store data and communicate securely. any small to medium sized business in high-compliance industries would benefit from Protectedtrust, furthering commitment to privacy, security and compliance from HIPAA, GLBA and SEC. Protected Trust also interfaces with Office 365 and has been a partner with Microsoft Office for the last 15 years; working to secure the apps within Microsoft office.There are 3 levels of accounts with Protected Trust:

  1. Guest Account

Communicate freely with business users
10 free secure emails to anyone
30-Day Message Retention

2) Trial Account

Business Account Features
Signup in 2 minutes
No credit card needed

3) Business Account

Administrator Control & Reporting
Compliance Ready (HIPAA, GLBA, SOC, & More)
Custom Branding

10. Virtru

The Virtru system consists of four components: Virtru client libraries that sit on the content creator’s device (typically a browser extension or plug-in), the Virtru Access Control Management (ACM) Server that provides key management and mediates policies, object stores that hold encrypted content, and receiving clients.

Virtru clients encrypt content on the device, keeping it encrypted until an authenticated party receives a key to decrypt. Third parties cannot access unencrypted content.

The ACM mediates several different types of policies, such as:

  • Encryption key ownership
  • Encryption key access
  • Current access state (active or revoked)
  • Access expiration
  • Authorization to add others to the policy (disable forwarding)
  • Content protection settings (watermarking, download disablement)